[dns-operations] DNS cookie bugs
Tony Finch
dot at dotat.at
Fri Dec 8 12:15:16 UTC 2017
Mark Andrews <marka at isc.org> wrote:
>
> I really don’t understand how a DNS developer could decide that it was
> sensible to echo back data that the server does not understand. Most of
> the servers that do this appeared on the net *after* RFC 6891 was
> published. See: http://ednscomp.isc.org/compliance/ts/gov.optfail.html

This one is a different kind of weirdness. The garbage in the server
cookie varies a bit depending on the type but otherwise seems to be almost
always the same.

; <<>> DiG 9.12.0rc1 <<>> +qr +multi +norec www.europarl.europa.eu aaaa @136.173.159.209
;; global options: +cmd
;; Sending:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8516
;; flags: ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 73f12a825df4386c
;; QUESTION SECTION:
;www.europarl.europa.eu. IN AAAA
;; QUERY SIZE: 63
;; Warning: Client COOKIE mismatch
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8516
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 000000000000000030cebe4a2a00000030cebe4a2a000000 (bad)
;; QUESTION SECTION:
;www.europarl.europa.eu. IN AAAA
;; AUTHORITY SECTION:
europarl.europa.eu. 3600 IN SOA presluxsdnsout.europarl.europa.eu. dnsadmin.europarl.europa.eu. (
2017120500 ; serial
3600 ; refresh (1 hour)
3600 ; retry (1 hour)
86400 ; expire (1 day)
3600 ; minimum (1 hour)
)
;; Query time: 19 msec
;; SERVER: 136.173.159.209#53(136.173.159.209)
;; WHEN: Fri Dec 08 12:10:44 GMT 2017
;; MSG SIZE rcvd: 139
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/ - I xn--zr8h punycode
Fair Isle, East Faeroes: Northerly 7 to severe gale 9, occasionally storm 10
at first. High or very high. Squally snow showers. Moderate, occasionally very
poor.
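
The client-side check behind the "Client COOKIE mismatch" warning in the dig output above, as an added example that is not part of the original post and is not BIND's code. It assumes RFC 7873 framing (option code 10, 8-byte client cookie, 8 to 32 byte server cookie); the verdict labels and function names are this example's own, and the OPT RDATA is constructed from the two cookie values shown in the post.

```python
import hmac
import struct

COOKIE_OPT = 10             # EDNS option code for COOKIE (RFC 7873)
CLIENT_LEN = 8              # a client cookie is always 8 bytes
SERVER_LENS = range(8, 33)  # a server cookie is 8 to 32 bytes


def edns_options(rdata):
    """Yield (code, data) pairs from OPT RDATA; raise on truncated input."""
    pos = 0
    while pos < len(rdata):
        if pos + 4 > len(rdata):
            raise ValueError("truncated option header")
        code, length = struct.unpack_from("!HH", rdata, pos)
        pos += 4
        if pos + length > len(rdata):
            raise ValueError("option data overruns RDATA")
        yield code, rdata[pos:pos + length]
        pos += length


def classify_cookie(sent_client, opt_rdata):
    """Classify a response's COOKIE option against the client cookie we sent."""
    cookies = [d for c, d in edns_options(opt_rdata) if c == COOKIE_OPT]
    if not cookies:
        return "absent"
    if len(cookies) > 1:
        return "malformed"
    data = cookies[0]
    client, server = data[:CLIENT_LEN], data[CLIENT_LEN:]
    if len(client) != CLIENT_LEN or (server and len(server) not in SERVER_LENS):
        return "malformed"
    # The server must return our client cookie unchanged in the first 8 bytes.
    if not hmac.compare_digest(client, sent_client):
        return "client-mismatch"
    return "ok" if server else "client-only"


def opt(code, data):
    """Encode one EDNS option (helper used to construct sample RDATA)."""
    return struct.pack("!HH", code, len(data)) + data


# Cookie values copied from the dig output in the post.
SENT = bytes.fromhex("73f12a825df4386c")
RESPONSE = bytes.fromhex("000000000000000030cebe4a2a00000030cebe4a2a000000")

if __name__ == "__main__":
    print(classify_cookie(SENT, opt(COOKIE_OPT, RESPONSE)))
```

The response in the post has a valid length (8 + 16 bytes), so it fails only on the client cookie comparison: the first 8 bytes are all zero rather than the value that was sent.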